﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

using MvcBlog.ViewModels;
using MvcBlog.Common.Models;

namespace MvcBlog.Controllers
{
    public class UserManagerController : Controller
    {

        UserDataAccess userDB;

        public UserManagerController()
        {
            var con = ConnectionFactory.getConnection();

            userDB = new UserDataAccess(con);
        }


        //
        // GET: /UserManager/

        public ActionResult Index()
        {
            //berechtigungen prüfen
            bool allowed = Permissions.Allowed(HttpContext.User.Identity.Name, DbConstants.ROLE_ADMIN);
            if (!allowed)
            {
                return View("NotAuthorized");
            }

            var viewModel = new UserManagerListViewModel()
            {
                Users = userDB.getUsers().ToList().Select(u => new UserManagerViewModel(u)).ToList()
            };
            
            return View(viewModel);
        }


        //suche
        [HttpPost]
        public ActionResult Index(UserManagerListViewModel userVm)
        {
            //berechtigungen prüfen
            bool allowed = Permissions.Allowed(HttpContext.User.Identity.Name, DbConstants.ROLE_ADMIN);
            if (!allowed)
            {
                return View("NotAuthorized");
            }

            string searchString = userVm.searchRequest;
            List<UserManagerViewModel> users;
            if (!String.IsNullOrEmpty(searchString))
            {
                users = userDB.getUsers().ToList().Where(u => u.Username.Contains(searchString)).Select(u => new UserManagerViewModel(u)).ToList();
            }
            else
            {
                users = userDB.getUsers().ToList().Select(u => new UserManagerViewModel(u)).ToList();
            }


            var viewModel = new UserManagerListViewModel()
            {
                Users = users
            };

            return PartialView("UsersList", viewModel);
        }

        //
        // GET: /UserManager/Details/5

        public ActionResult Details(int id)
        {
            //berechtigungen prüfen
            bool allowed = Permissions.Allowed(HttpContext.User.Identity.Name, DbConstants.ROLE_ADMIN);
            if (!allowed)
            {
                return View("NotAuthorized");
            }

            User user = userDB.getUserByID(id);
            var viewModel = new UserManagerViewModel(user);
            return View(viewModel);
        }


        
        //
        // GET: /UserManager/Edit/5
 
        public ActionResult Edit(int id)
        {
            //berechtigungen prüfen
            bool allowed = Permissions.Allowed(HttpContext.User.Identity.Name, DbConstants.ROLE_ADMIN);
            if (!allowed)
            {
                return View("NotAuthorized");
            }

            try
            {
                User user = userDB.getUserByID(id);
                var viewModel = new UserManagerViewModel(user);
                return View(viewModel);
            }
            catch (NullReferenceException)
            {
                return View("Error");
                //return RedirectToAction("../Home/Index");
            }
        }

        //
        // POST: /UserManager/Edit/5

        [HttpPost]
        public ActionResult Edit(UserManagerViewModel userVM)
        {
            //berechtigungen prüfen
            bool allowed = Permissions.Allowed(HttpContext.User.Identity.Name, DbConstants.ROLE_ADMIN);
            if (!allowed)
            {
                return View("NotAuthorized");
            }

            if (ModelState.IsValid)
            {
                try
                {
                    User newUser = userDB.getUserByID(userVM.User.User_ID);
                    userVM.ApplyChanges(newUser);


                    User updatedUser = userDB.updateUserByID(newUser);
                    if (updatedUser != null)
                    {
                        return RedirectToAction("Index");
                    }
                    else
                    {
                        return View("Error");
                    }
                }
                catch(Exception)
                {
                    return View("Error");
                }
            }
            else
            {
                return View("Error");
            }
        }


     
    }
}
